Ensuring information security is a top priority for us at LexisNexis Legal & Professional, so I wanted to take a moment to address a recent situation that you may have heard about or perhaps even
experienced.

On Friday, June 21, 2013, a large number of individuals, some of them LexisNexis customers
received fraudulent e-mails claiming to be from LexisNexis and containing what appear to be
invoices. These e-mails and the invoices are not legitimate, did not come from LexisNexis and
originated from outside our systems. In fact, LexisNexis systems and customer data remain secure
and unaffected.

If you received such a message, I wanted to provide recommendations from our team:

Disregard the message and attachment and delete them. They are not from LexisNexis.
If you have opened the phishing e-mail, do not click on any links in the e-mail and delete the
message and any attachments from your computer right away.
If you receive the same e-mail again or any questionable message appearing to come from
LexisNexis, do not open it and delete it from your computer.
If you have opened one of these phishing e-mails and clicked on either a link or attachment:
o If you have an IT department in your organization, connect with them right away for
further guidance.
o If you don’t have an IT department, verify that your anti-virus software is up to date,
update it if needed and run a scan of your machine to ensure it is secure.
o Contact the LexisNexis Customer Support team to get your ID cancelled and a newID issued.

This incident reminds us all of us about the reality of online scams and the need to be on the lookout for “phishing” schemes. Phishing involves the use of email messages that appear to come from a trusted source or institution, vendor or company, but are actually from third party impostors. Theseemails typically request payments or include malicious software to obtain personal information,such as user names and passwords, and then exploit that information.

Communications from LexisNexis will never ask for your user name and password via email or by
phone. And, our systems are protected with state of the art technology to ensure your account
information is safe, secure and cannot be compromised. For you our customers, best practices to
secure your account include:

1. Never share user IDs or passwords with anybody, including LexisNexis.
2. Do not write down your user ID and password anywhere.
3. Install and use current anti-virus software.

Following these guidelines and practice, together we can greatly minimize security risks. If you have any questions or concerns about data security generally or the phishing e-mail recently, please do not hesitate to reach out to your LexisNexis representative or contact our Customer Support team at 400-600-8680.
Email: service.china@lexisnexis.com